8 matches found
CVE-2025-46364
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system...
PHP 环境问题漏洞
PHP is a scripting language for PHP that executes on the server side. A security vulnerability exists in PHP versions prior to 8.1.30, 8.2.24, and 8.3.12, which stems from a flaw in the parsing of the data content of multi-part forms, which could result in legitimate data being left unprocessed,...
CVE-2023-0834
Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS allows Privilege Escalation.This issue affects Workforce Access: from 6.12 before 8.1...
AZL-13740 CVE-2023-0567 affecting package php for versions less than 8.1.16-1
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, passwordverify function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid...
Advantech WebAccess Cross-Site Request Forgery Vulnerability
WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation devices in facility management systems, power stations and building automation systems. A cross-site request forgery vulnerability exists in Advantech WebAccess versions pri...
Advantech WebAccess Denial of Service Vulnerability
WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation devices in facility management systems, power stations and building automation systems. A security vulnerability exists in Advantech WebAccess versions prior to 8.1, which c...
CVE-2016-0858
Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow via a crafted request...
CVE-2016-0856
Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors...